Request pattern change-based cache pollution attack detection and defense in edge computing

Through caching popular contents at the network edge,wireless edge caching can greatly reduce both the content request latency at mobile devices and the traffic burden at the core network.However,popularity-based caching strategies are vulnerable to Cache Pollution Attacks(CPAs)due to the weak security protection at both edge nodes and mobile devices.In CPAs,through initiating a large number of requests for unpopular contents,malicious users can pollute the edge caching space and degrade the caching efficiency.This paper firstly integrates the dynamic nature of content request and mobile devices into the edge caching framework,and introduces an eavesdroppingbased CPA strategy.Then,an edge caching mechanism,which contains a Request Pattern Change-based Cache Pollution Detection(RPC2PD)algorithm and an Attack-aware Cache Defense(ACD)algorithm,is proposed to defend against CPAs.Simulation results show that the proposed mechanism could effectively suppress the effects of CPAs on the caching performance and improve the cache hit ratio.

Cache Pollution Prevention Mechanism Based on Deep Reinforcement Learning in NDN

As a representative architecture of contentcentric paradigms for the future Internet,named data networking(NDN)enables consumers to retrieve content duplicates from either the original server or intermediate routers.Each node of NDN is equipped with cache that buffers but not validates the data,making it vulnerable to various attacks.Cache pollution,one of the specific attacks in NDN,fraudulently alters the cached contents by excessively requesting worthless information,squeezing the space of real popular contents and thus degrading the experience of normal users.In order to address the issue,this paper proposes a defense scheme based on deep reinforcement learning(DRL)against cache pollution attack,in which whether a data packet is to be cached is decided by a trained intelligent agent,that is adaptive to dynamic network states and following long term rewards,the accumulative data-requesting delays.Finally,the DRL-based scheme is evaluated and compared to two other existing schemes.Experimental results show that the proposed defense mechanism outperforms the others significantly,and is proved to be effective against cache pollution attacks.

Security Attacks in Named Data Networking: A Review and Research Directions

Contents such as audios,videos,and images,contribute most of the Internet traffic in the current paradigm.Secure content sharing is a tedious issue.The existing security solutions do not secure data but secure the communicating endpoints.Named data networking(NDN)secures the data by enforcing the data publisher to sign the data.Any user can verify the data by using the public key of the publisher.NDN is resilient to most of the probable security attacks in the TCP/IP model due to its new architecture.However,new types of attacks are possible in NDN.This article surveys the most significant security attacks in NDN such as interest flooding attacks,cache privacy attacks,cache pollution attacks,and content poisoning attacks.Each attack is classified according to their behavior and discussed for their detection techniques,countermeasures,and the affected parameters.The article is an attempt to help new researchers in this area to gather the domain knowledge of NDN.The article also provides open research issues that could be addressed by researchers.